升级 常见问题

    1. "registry-mirrors": [
    2. "https://hub-mirror.c.163.com",
    3. "https://bmtrgdvx.mirror.aliyuncs.com",
    4. "http://f1361db2.m.daocloud.io"
    5. ],
    6. "log-driver": "json-file",
    7. "log-opts": {
    8. "max-file": "3",
    9. "max-size": "10m"
    10. }
    11. }

    可以使用其他的镜像源, 推荐使用阿里云的镜像源 申请地址

    1. ./jmsctl.sh restore_db /opt/jumpserver.sql
    1. 开始还原数据库: /opt/jumpserver.sql
    2. mysql: [Warning] Using a password on the command line interface can be insecure.
    3. ERROR 1022 (23000) at line 1237: Can't write; duplicate key in table 'xxxxxx'
    4. ERRO[0008] error waiting for container: context canceled
    5. read unix @->ar/run/docker.sock: read: connection reset by peer
    6. 数据库恢复失败,请检查数据库文件是否完整,或尝试手动恢复!
    1. ./jmsctl.sh stop
    1. docker exec -it jms_mysql /bin/bash
    1. mysql -uroot -p$MYSQL_ROOT_PASSWORD
    1. drop database jumpserver;
    2. create database jumpserver default charset 'utf8';
    3. exit;
    4. exit
    1. ./jmsctl.sh restore_db /opt/jumpserver.sql
    2. # 注意: 确定在导入数据库的过程中没有错误

    启动 jms_core 报错

    1. ./jmsctl.sh start
    1. Creating network "jms_net" with driver "bridge"
    2. Creating jms_mysql ... done
    3. Creating jms_redis ... done
    4. Creating jms_core ... done
    5. ERROR: for celery Container "76b2e315f69d" is unhealthy.
    6. ERROR: for lina Container "76b2e315f69d" is unhealthy.
    7. ERROR: for luna Container "76b2e315f69d" is unhealthy.
    8. ERROR: for guacamole Container "76b2e315f69d" is unhealthy.
    9. ERROR: for koko Container "76b2e315f69d" is unhealthy.
    10. ERROR: Encountered errors while bringing up the project.
    1. docker logs -f jms_core --tail 200 # 如果没有报错就等表结构合并完毕后然后重新 start 即可
    1. 2021-02-08 14:58:53 Mon Feb 8 14:58:53 2021
    2. 2021-02-08 14:58:53 JumpServer version v2.9.2, more see https://www.jumpserver.org
    3. - Start Gunicorn WSGI HTTP Server
    4. 2021-02-08 14:58:53 Check database connection ...
    5. users
    6. [ ] 0001_initial
    7. [ ] 0002_auto_20171225_1157_squashed_0019_auto_20190304_1459 (18 squashed migrations)
    8. [ ] 0020_auto_20190612_1825
    9. [ ] 0021_auto_20190625_1104
    10. [ ] 0022_auto_20190625_1105
    11. [ ] 0023_auto_20190724_1525
    12. [ ] 0024_auto_20191118_1612
    13. [ ] 0025_auto_20200206_1216
    14. [ ] 0026_auto_20200508_2105
    15. [ ] 0027_auto_20200616_1503
    16. [ ] 0028_auto_20200728_1805
    17. [ ] 0029_auto_20200814_1650
    18. [ ] 0030_auto_20200819_2041
    19. [ ] 0031_auto_20201118_1801
    20. 2021-02-08 14:58:58 Database connect success
    21. Operations to perform:
    22. Apply all migrations: admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, ops, orgs, perms, sessions, settings, terminal, tickets, users
    23. Running migrations:
    24. Applying contenttypes.0001_initial... OK
    25. Applying contenttypes.0002_remove_content_type_name... OK
    26. Applying auth.0001_initial... OK
    27. Applying auth.0002_alter_permission_name_max_length... OK
    28. Applying auth.0003_alter_user_email_max_length... OK
    29. Applying auth.0004_alter_user_username_opts... OK
    30. Applying auth.0005_alter_user_last_login_null... OK
    31. Applying auth.0006_require_contenttypes_0002... OK
    32. Applying auth.0007_alter_validators_add_error_messages... OK
    33. Applying auth.0008_alter_user_username_max_length... OK
    34. Applying users.0001_initial... OK
    35. Applying admin.0001_initial... OK
    36. Applying admin.0002_logentry_remove_auto_add... OK
    37. Applying admin.0003_logentry_add_action_flag_choices... OK
    38. Applying users.0002_auto_20171225_1157_squashed_0019_auto_20190304_1459... OK
    39. Applying users.0020_auto_20190612_1825... OK
    40. Applying users.0021_auto_20190625_1104... OK
    41. Applying users.0022_auto_20190625_1105... OK
    42. Applying users.0023_auto_20190724_1525... OK
    43. Applying users.0024_auto_20191118_1612... OK
    44. Applying users.0025_auto_20200206_1216... OK
    45. Applying users.0026_auto_20200508_2105... OK
    46. Applying users.0027_auto_20200616_1503... OK
    47. Applying users.0028_auto_20200728_1805... OK
    48. Applying users.0029_auto_20200814_1650... OK
    49. Applying users.0030_auto_20200819_2041... OK
    50. Applying assets.0001_initial... OK
    51. Applying perms.0001_initial... OK
    52. Applying assets.0002_auto_20180105_1807_squashed_0009_auto_20180307_1212... OK
    53. Applying assets.0010_auto_20180307_1749_squashed_0019_auto_20180816_1320... OK
    54. Applying perms.0002_auto_20171228_0025_squashed_0009_auto_20180903_1132... OK
    55. Applying perms.0003_action... OK
    56. Applying perms.0004_assetpermission_actions... OK
    57. Applying assets.0020_auto_20180816_1652... OK
    58. Applying assets.0021_auto_20180903_1132... OK
    59. Applying assets.0022_auto_20181012_1717... OK
    60. Applying assets.0023_auto_20181016_1650... OK
    61. Applying assets.0024_auto_20181219_1614... OK
    62. Applying assets.0025_auto_20190221_1902... OK
    63. Applying assets.0026_auto_20190325_2035... OK
    64. Applying applications.0001_initial... OK
    65. Applying perms.0005_auto_20190521_1619... OK
    66. Applying perms.0006_auto_20190628_1921... OK
    67. Applying perms.0007_remove_assetpermission_actions... OK
    68. Applying perms.0008_auto_20190911_1907... OK
    69. Applying assets.0027_auto_20190521_1703... OK
    70. Applying assets.0028_protocol... OK
    71. Applying assets.0029_auto_20190522_1114... OK
    72. Applying assets.0030_auto_20190619_1135... OK
    73. Applying assets.0031_auto_20190621_1332... OK
    74. Applying assets.0032_auto_20190624_2108... OK
    75. Applying assets.0033_auto_20190624_2108... OK
    76. Applying assets.0034_auto_20190705_1348... OK
    77. Applying assets.0035_auto_20190711_2018... OK
    78. Applying assets.0036_auto_20190716_1535... OK
    79. Applying assets.0037_auto_20190724_2002... OK
    80. Applying assets.0038_auto_20190911_1634... OK
    81. Applying perms.0009_remoteapppermission_system_users... OK
    82. Applying assets.0039_authbook_is_active... OK
    83. Applying assets.0040_auto_20190917_2056... OK
    84. Applying assets.0041_gathereduser... OK
    85. Applying assets.0042_favoriteasset... OK
    86. Applying assets.0043_auto_20191114_1111... OK
    87. Applying assets.0044_platform... OK
    88. Applying assets.0045_auto_20191206_1607... OK
    89. Applying assets.0046_auto_20191218_1705... OK
    90. Applying applications.0002_remove_remoteapp_system_user... OK
    91. Applying applications.0003_auto_20191210_1659... OK
    92. Applying applications.0004_auto_20191218_1705... OK
    93. Applying assets.0047_assetuser... OK
    94. Applying assets.0048_auto_20191230_1512... OK
    95. Applying assets.0049_systemuser_sftp_root... OK
    96. Applying assets.0050_auto_20200711_1740... OK
    97. Applying assets.0051_auto_20200713_1143... OK
    98. Applying assets.0052_auto_20200715_1535... OK
    99. Applying assets.0053_auto_20200723_1232... OK
    100. Applying assets.0054_auto_20200807_1032... OK
    101. Applying applications.0005_k8sapp... OK
    102. Applying perms.0012_k8sapppermission... OK
    103. Applying assets.0055_auto_20200811_1845... OK
    104. Applying assets.0056_auto_20200904_1751... OK
    105. Applying assets.0057_fill_node_value_assets_amount_and_parent_key...
    106. ................................................................. OK
    107. Applying perms.0013_rebuildusertreetask_usergrantedmappingnode... OK
    108. Applying perms.0014_build_users_perm_tree... OK
    109. Applying perms.0015_auto_20200929_1728... OK
    110. Applying assets.0058_auto_20201023_1115... OK
    111. Applying assets.0059_auto_20201027_1905... OK
    112. Applying applications.0006_application... OK
    113. Applying perms.0016_applicationpermission... OK
    114. Applying perms.0017_auto_20210104_0435... OK
    115. Applying applications.0007_auto_20201119_1110... OK
    116. Applying applications.0008_auto_20210104_0435... OK
    117. Applying assets.0060_node_full_value...
    118. - Start migrate node value if has /
    119. - Start migrate node full value
    120. OK
    121. Applying assets.0061_auto_20201116_1757... OK
    122. Applying assets.0062_auto_20201117_1938... OK
    123. Applying assets.0063_migrate_default_node_key...
    124. Check old default node `key=0 value=Default` not exists
    125. OK
    126. Applying assets.0064_auto_20201203_1100... OK
    127. Applying assets.0065_auto_20210121_1549... OK
    128. Applying audits.0001_initial... OK
    129. Applying audits.0002_ftplog_org_id... OK
    130. Applying audits.0003_auto_20180816_1652... OK
    131. Applying audits.0004_operatelog_passwordchangelog_userloginlog... OK
    132. Applying audits.0005_auto_20190228_1715... OK
    133. Applying audits.0006_auto_20190726_1753... OK
    134. Applying audits.0007_auto_20191202_1010... OK
    135. Applying audits.0008_auto_20200508_2105... OK
    136. Applying audits.0009_auto_20200624_1654... OK
    137. Applying audits.0010_auto_20200811_1122... OK
    138. Applying audits.0011_userloginlog_backend... OK
    139. Applying auth.0009_alter_user_last_name_max_length... OK
    140. Applying auth.0010_alter_group_name_max_length... OK
    141. Applying auth.0011_update_proxy_permissions... OK
    142. Applying auth.0012_alter_user_first_name_max_length... OK
    143. Applying authentication.0001_initial... OK
    144. Applying authentication.0002_auto_20190729_1423... OK
    145. Applying authentication.0003_loginconfirmsetting... OK
    146. Applying authentication.0004_ssotoken... OK
    147. Applying captcha.0001_initial... OK
    148. Applying common.0001_initial... OK
    149. Applying common.0002_auto_20180111_1407... OK
    150. Applying common.0003_setting_category... OK
    151. Applying common.0004_setting_encrypted... OK
    152. Applying common.0005_auto_20190221_1902... OK
    153. Applying common.0006_auto_20190304_1515... OK
    154. Applying django_cas_ng.0001_initial... OK
    155. Applying django_celery_beat.0001_initial... OK
    156. Applying django_celery_beat.0002_auto_20161118_0346... OK
    157. Applying django_celery_beat.0003_auto_20161209_0049... OK
    158. Applying django_celery_beat.0004_auto_20170221_0000... OK
    159. Applying django_celery_beat.0005_add_solarschedule_events_choices... OK
    160. Applying django_celery_beat.0006_auto_20180322_0932... OK
    161. Applying django_celery_beat.0007_auto_20180521_0826... OK
    162. Applying django_celery_beat.0008_auto_20180914_1922... OK
    163. Applying django_celery_beat.0006_auto_20180210_1226... OK
    164. Applying django_celery_beat.0006_periodictask_priority... OK
    165. Applying django_celery_beat.0009_periodictask_headers... OK
    166. Applying django_celery_beat.0010_auto_20190429_0326... OK
    167. Applying django_celery_beat.0011_auto_20190508_0153... OK
    168. Applying django_celery_beat.0012_periodictask_expire_seconds... OK
    169. Applying jms_oidc_rp.0001_initial... OK
    170. Applying ops.0001_initial... OK
    171. Applying ops.0002_celerytask... OK
    172. Applying ops.0003_auto_20181207_1744... OK
    173. Applying ops.0004_adhoc_run_as... OK
    174. Applying ops.0005_auto_20181219_1807... OK
    175. Applying ops.0006_auto_20190318_1023... OK
    176. Applying ops.0007_auto_20190724_2002... OK
    177. Applying ops.0008_auto_20190919_2100... OK
    178. Applying ops.0009_auto_20191217_1713... OK
    179. Applying ops.0010_auto_20191217_1758... OK
    180. Applying ops.0011_auto_20200106_1534... OK
    181. Applying ops.0012_auto_20200108_1659... OK
    182. Applying ops.0013_auto_20200108_1706... OK
    183. Applying ops.0014_auto_20200108_1749... OK
    184. Applying ops.0015_auto_20200108_1809... OK
    185. Applying ops.0016_commandexecution_org_id... OK
    186. Applying ops.0017_auto_20200306_1747... OK
    187. Applying ops.0018_auto_20200509_1434... OK
    188. Applying ops.0019_adhocexecution_celery_task_id... OK
    189. Applying orgs.0001_initial... OK
    190. Applying orgs.0002_auto_20180903_1132... OK
    191. Applying orgs.0003_auto_20190916_1057... OK
    192. Applying orgs.0004_organizationmember... OK
    193. Applying orgs.0005_auto_20200721_1937... OK
    194. Applying orgs.0006_auto_20200721_1937... OK
    195. Applying orgs.0007_auto_20200728_1805... OK
    196. Applying orgs.0008_auto_20200819_2041... OK
    197. Applying orgs.0009_auto_20201023_1628... OK
    198. Applying sessions.0001_initial... OK
    199. Applying settings.0001_initial... OK
    200. Applying terminal.0001_initial... OK
    201. Applying terminal.0002_auto_20171228_0025_squashed_0009_auto_20180326_0957... OK
    202. Applying terminal.0010_auto_20180423_1140... OK
    203. Applying terminal.0011_auto_20180807_1116... OK
    204. Applying terminal.0012_auto_20180816_1652... OK
    205. Applying terminal.0013_auto_20181123_1113... OK
    206. Applying terminal.0014_auto_20181226_1441... OK
    207. Applying terminal.0015_auto_20190923_1529... OK
    208. Applying terminal.0016_commandstorage_replaystorage... OK
    209. Applying terminal.0017_auto_20191125_0931... OK
    210. Applying terminal.0018_auto_20191202_1010... OK
    211. Applying terminal.0019_auto_20191206_1000... OK
    212. Applying terminal.0020_auto_20191218_1721... OK
    213. Applying terminal.0021_auto_20200213_1316... OK
    214. Applying terminal.0022_session_is_success... OK
    215. Applying terminal.0023_command_risk_level... OK
    216. Applying terminal.0024_auto_20200715_1713... OK
    217. Applying terminal.0025_auto_20200810_1735... OK
    218. Applying terminal.0026_auto_20201027_1905... OK
    219. Applying terminal.0027_auto_20201102_1651... OK
    220. Applying terminal.0028_auto_20201110_1918... OK
    221. Applying terminal.0029_auto_20201116_1757... OK
    222. Applying terminal.0030_terminal_type... OK
    223. Applying terminal.0031_auto_20210113_1356... OK
    224. Applying tickets.0003_auto_20200804_1551... OK
    225. Applying tickets.0004_ticket_comment... OK
    226. Applying tickets.0005_ticket_meta_confirmed_system_users... OK
    227. Applying tickets.0006_auto_20201023_1628... OK
    228. Applying tickets.0007_auto_20201224_1821... OK
    229. Applying users.0031_auto_20201118_1801... OK
    230. 2021-02-08 14:59:31 [cache INFO] CACHE: Send refresh task <orgs.caches.OrgResourceStatisticsCache object at 0x7fb9122ce0d0>.('nodes_amount',)
    231. Operations to perform:
    232. Apply all migrations: admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, ops, orgs, perms, sessions, settings, terminal, tickets, users
    233. Running migrations:
    234. No migrations to apply.
    235. - Start Flower as Task Monitor
    236. - Start Daphne ASGI WS Server
    237. 2021-02-08 15:01:02 Check service status: gunicorn -> running at 38
    238. 2021-02-08 15:01:02 Check service status: flower -> running at 44
    239. 2021-02-08 15:01:02 Check service status: daphne -> running at 54
    1. ./jmsctl.sh start
    1. ./jmsctl.sh stop
    1. if grep -q 'COLLATE=utf8_bin' /opt/jumpserver.sql; then
    2. cp /opt/jumpserver.sql /opt/jumpserver_bak.sql
    3. sed -i 's@COLLATE=utf8_bin@@g' /opt/jumpserver.sql
    4. sed -i 's@COLLATE utf8_bin@@g' /opt/jumpserver.sql
    5. else
    6. echo "备份数据库字符集正确";
    7. fi
    1. docker exec -it jms_mysql /bin/bash
    1. drop database jumpserver;
    2. create database jumpserver default charset 'utf8';
    3. exit;
    4. exit
    1. ./jmsctl.sh restore_db /opt/jumpserver.sql
    2. # 注意: 确定在导入数据库的过程中没有错误
    1. ./jmsctl.sh start

    kombu.exceptions.OperationalError

    1. # Redis < 5.0.0 导致, 请更新 Redis 版本
    2. kombu.exceptions.OperationalError:
    3. Cannot route message for exchange 'ansible': Table empty or key no longer exists.
    4. Probably the key ('_kombu.binding.ansible') has been removed from the Redis databa
    1. docker logs -f jms_core --tail 200
    2. # 查看是否有报错,如果没有或者不完整请进入容器查看日志
    1. docker exec -it jms_core /bin/bash
    2. cat logs/jumpserver.log
    3. # 根据报错处理

    修改对外访问端口

    1. vi /opt/jumpserver/config/config.txt
    1. # 说明
    2. #### 这是项目总的配置文件, 会作为环境变量加载到各个容器中
    3. #### 格式必须是 KEY=VALUE 不能有空格等
    4. # Compose项目设置
    5. COMPOSE_PROJECT_NAME=jms
    6. COMPOSE_HTTP_TIMEOUT=3600
    7. DOCKER_CLIENT_TIMEOUT=3600
    8. DOCKER_SUBNET=192.168.250.0/24
    9. ## IPV6
    10. DOCKER_SUBNET_IPV6=2001:db8:10::/64
    11. USE_IPV6=0
    12. ### 持久化目录, 安装启动后不能再修改, 除非移动原来的持久化到新的位置
    13. VOLUME_DIR=/opt/jumpserver
    14. ## 是否使用外部MYSQL和REDIS
    15. USE_EXTERNAL_MYSQL=0
    16. USE_EXTERNAL_REDIS=0
    17. ## Nginx 配置,这个Nginx是用来分发路径到不同的服务
    18. HTTP_PORT=80 # 默认单节点对外 http 端口 (*)
    19. HTTPS_PORT=8443
    20. SSH_PORT=2222
    21. ## LB 配置, 这个Nginx是HA时可以启动负载均衡到不同的主机
    22. USE_LB=0
    23. LB_HTTP_PORT=80
    24. LB_HTTPS_PORT=443
    25. LB_SSH_PORT=2223
    26. ## Task 配置
    27. USE_TASK=1
    28. ## XPack
    29. USE_XPACK=0
    30. # Koko配置
    31. CORE_HOST=http://core:8080
    32. ENABLE_PROXY_PROTOCOL=true
    33. # Core 配置
    34. ### 启动后不能再修改,否则密码等等信息无法解密
    35. SECRET_KEY=
    36. BOOTSTRAP_TOKEN=
    37. LOG_LEVEL=INFO
    38. # SESSION_COOKIE_AGE=86400
    39. # SESSION_EXPIRE_AT_BROWSER_CLOSE=false
    40. ## MySQL数据库配置
    41. DB_ENGINE=mysql
    42. DB_HOST=mysql
    43. DB_PORT=3306
    44. DB_USER=root
    45. DB_PASSWORD=
    46. DB_NAME=jumpserver
    47. ## Redis配置
    48. REDIS_HOST=redis
    49. REDIS_PORT=6379
    50. REDIS_PASSWORD=
    51. ### Keycloak 配置方式
    52. ### AUTH_OPENID=true
    53. ### BASE_SITE_URL=https://jumpserver.company.com/
    54. ### AUTH_OPENID_SERVER_URL=https://keycloak.company.com/auth
    55. ### AUTH_OPENID_REALM_NAME=cmp
    56. ### AUTH_OPENID_CLIENT_ID=jumpserver
    57. ### AUTH_OPENID_CLIENT_SECRET=
    58. ### AUTH_OPENID_SHARE_SESSION=true
    59. ### AUTH_OPENID_IGNORE_SSL_VERIFICATION=true
    60. # Guacamole 配置
    61. JUMPSERVER_SERVER=http://core:8080
    62. JUMPSERVER_KEY_DIR=/config/guacamole/data/key/
    63. JUMPSERVER_RECORD_PATH=/config/guacamole/data/record/
    64. JUMPSERVER_DRIVE_PATH=/config/guacamole/data/drive/
    65. JUMPSERVER_ENABLE_DRIVE=true
    66. JUMPSERVER_CLEAR_DRIVE_SESSION=true
    67. JUMPSERVER_CLEAR_DRIVE_SCHEDULE=24
    68. # MySQL 容器配置
    69. MYSQL_ROOT_PASSWORD=